Custom security provider exception
Good day, colleagues. I want to raise an old topic.
I use custom security provider exceptions:
-AccountExpiredException
-AccountLockedException
However, the login() method only captures FailedLoginException
try
CallbackHandler pwcall = new weblogic.security.URLCallbackHandler(user, pass.getBytes("UTF-8"));
subject = weblogic.security.services.Authentication.login(pwcall);
weblogic.servlet.security.ServletAuthentication.runAs(subject, request);
catch (javax.security.auth.login.LoginException e) {
e.printStackTrace();
javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User ...
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:240)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at java.security.AccessController.doPrivileged(Native Method)
I found similar questions IdentityAssertion custom exception, FailedLoginException asked many years ago for WLS 9.2
Their solution (wlp.propogate.login.exception.cause=true) does not work for WLS 10.3.
How to propagate original LoginException?
Or exception message only.
I did it! look closely to source code:
javax.security.auth.login.LoginContext:875
if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUISITE) {
// if REQUISITE, then immediately throw an exception
if (methodName.equals(ABORT_METHOD) || methodName.equals(LOGOUT_METHOD)) {
if (firstRequiredError == null)
firstRequiredError = le;
} else {
throwException(firstRequiredError, le);
} else if (moduleStack[i].entry.getControlFlag() == AppConfigurationEntry.LoginModuleControlFlag.REQUIRED) {
// mark down that a REQUIRED module failed
if (firstRequiredError == null)
firstRequiredError = le;
} else {
// mark down that an OPTIONAL module failed
if (firstError == null)
firstError = le;
javax.security.auth.login.LoginContext:922
// we went thru all the LoginModules.
if (firstRequiredError != null) {
// a REQUIRED module failed -- return the error
throwException(firstRequiredError, null);
} else if (success == false && firstError != null) {
// no module succeeded -- return the first error
throwException(firstError, null);
} else...
I set Control flag: OPTION to DefaultAuth (was REQUIRED)
and order it after my LoginModule. (restart required!)
Now I catch my exceptions %)
Similar Messages
-
Custom Security Provider impossible to remove the MBean Jar File
Hi,
I am currently developping a custom security provider for Weblogic. I
have deploy my Mbean File Jar on a remote server weblogic running on
solaris. NO authentication provider for this security provider has
been defined in the console, it means there is no link with this
security provider. Nevertheless, when I remove the MJF the server
crashes when starting:
<...>
<May 21, 2003 3:37:08 PM CEST> <Critical> <WebLogicServer> <000364>
<Server failed during initialization.
Exception:weblogic.management.configuration.ConfigurationException: -
with nested exception:
[javax.management.MBeanException: Commo type:
be.fgov.minfin.ccff.security.provider.CCFFSimpleSampleAuthenticator is
not loaded. Checks MJFs.]
javax.management.MBeanException: Commo type:
be.fgov.minfin.ccff.security.provider.CCFFSimpleSampleAuthenticator is
not loaded. Checks MJFs.
at weblogic.management.commo.CommoModelMBean.load(CommoModelMBean.java:588)
at weblogic.management.commo.Commo.initInstances(Commo.java:241)
at weblogic.management.commo.Commo.init(Commo.java:125)
at weblogic.management.AdminServerAdmin.initializeCommo(AdminServerAdmin.java:477)
at weblogic.management.AdminServerAdmin.initialize(AdminServerAdmin.java:108)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:659)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
<...>
I have been looking through all the config file where the MJF
(removed) could be linked but I did not find anything.
I am really confused because with my local weblogic running on
win2000, there is no problem to remove this MJF.
Thx in advance,
tiggyTiggy,
Remove the userConfig directory under your domain directory. That should
fix the problem.
Thanks,
~satya
Tiggy wrote:
Hi,
I am currently developping a custom security provider for Weblogic. I
have deploy my Mbean File Jar on a remote server weblogic running on
solaris. NO authentication provider for this security provider has
been defined in the console, it means there is no link with this
security provider. Nevertheless, when I remove the MJF the server
crashes when starting:
<...>
<May 21, 2003 3:37:08 PM CEST> <Critical> <WebLogicServer> <000364>
<Server failed during initialization.
Exception:weblogic.management.configuration.ConfigurationException: -
with nested exception:
[javax.management.MBeanException: Commo type:
be.fgov.minfin.ccff.security.provider.CCFFSimpleSampleAuthenticator is
not loaded. Checks MJFs.]
javax.management.MBeanException: Commo type:
be.fgov.minfin.ccff.security.provider.CCFFSimpleSampleAuthenticator is
not loaded. Checks MJFs.
at weblogic.management.commo.CommoModelMBean.load(CommoModelMBean.java:588)
at weblogic.management.commo.Commo.initInstances(Commo.java:241)
at weblogic.management.commo.Commo.init(Commo.java:125)
at weblogic.management.AdminServerAdmin.initializeCommo(AdminServerAdmin.java:477)
at weblogic.management.AdminServerAdmin.initialize(AdminServerAdmin.java:108)
at weblogic.t3.srvr.T3Srvr.initialize1(T3Srvr.java:659)
at weblogic.t3.srvr.T3Srvr.initialize(T3Srvr.java:589)
at weblogic.t3.srvr.T3Srvr.run(T3Srvr.java:277)
at weblogic.Server.main(Server.java:32)
<...>
I have been looking through all the config file where the MJF
(removed) could be linked but I did not find anything.
I am really confused because with my local weblogic running on
win2000, there is no problem to remove this MJF.
Thx in advance,
tiggy -
OEPE can't launch server that uses custom Security provider
I recently migrated a Weblogic 8.1 server that we had a custom security provider for, to 10.3.2. It works fine when started with the startWeblogic.cmd file but when I try to start it using OEPE in eclipse it starts fine and runs fine but OEPE reports that
"Unable to validate WebLogic domain.Please make sure the running WebLogic instance is an Administration Server"
When I look at the Error Log it appears that it thinks one of my custom security classes is not found. But the server is running fine, so it is fine, it's on the classpath via the use of the EXT_PREPEND_CLASSPATH environment variable.
I am running Weblogic 10.3.2 on Windows XP using eclipse Ganymede 3.5.2 and OEPE version 1.5.0.201003170852
Here's the Error Log:
eclipse.buildId=
java.version=1.6.0_03
java.vendor=Sun Microsystems Inc.
BootLoader constants: OS=win32, ARCH=x86, WS=win32, NL=en_US
Framework arguments: -product org.eclipse.epp.package.jee.product
Command-line arguments: -os win32 -ws win32 -arch x86 -product org.eclipse.epp.package.jee.product
This is a continuation of log file C:\tools\eclipse-workspaces\galileo\.metadata\.bak_3.log
Created Time: 2010-05-12 14:04:01.549
Error
Thu May 13 14:25:11 EDT 2010
Server Weblogic 10.3 failed to start.
eclipse.buildId=
java.version=1.6.0_03
java.vendor=Sun Microsystems Inc.
BootLoader constants: OS=win32, ARCH=x86, WS=win32, NL=en_US
Framework arguments: -product org.eclipse.epp.package.jee.product
Command-line arguments: -os win32 -ws win32 -arch x86 -product org.eclipse.epp.package.jee.product
This is a continuation of log file C:\tools\eclipse-workspaces\galileo\.metadata\.bak_3.log
Created Time: 2010-05-12 14:04:01.549
Error
Thu May 13 14:25:10 EDT 2010
Another server (or another process) is running on the same TCP/IP port '7001'.
eclipse.buildId=
java.version=1.6.0_03
java.vendor=Sun Microsystems Inc.
BootLoader constants: OS=win32, ARCH=x86, WS=win32, NL=en_US
Framework arguments: -product org.eclipse.epp.package.jee.product
Command-line arguments: -os win32 -ws win32 -arch x86 -product org.eclipse.epp.package.jee.product
This is a continuation of log file C:\tools\eclipse-workspaces\galileo\.metadata\.bak_3.log
Created Time: 2010-05-12 14:04:01.549
Warning
Thu May 13 14:25:10 EDT 2010
Unable to validate WebLogic domain.
Please make sure the running WebLogic instance is an Administration Server
eclipse.buildId=
java.version=1.6.0_03
java.vendor=Sun Microsystems Inc.
BootLoader constants: OS=win32, ARCH=x86, WS=win32, NL=en_US
Framework arguments: -product org.eclipse.epp.package.jee.product
Command-line arguments: -os win32 -ws win32 -arch x86 -product org.eclipse.epp.package.jee.product
This is a continuation of log file C:\tools\eclipse-workspaces\galileo\.metadata\.bak_3.log
Created Time: 2010-05-12 14:04:01.549
Error
Thu May 13 14:25:10 EDT 2010
java.io.IOException
at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:187)
at weblogic.management.remote.common.ClientProviderBase.newJMXConnector(ClientProviderBase.java:81)
at javax.management.remote.JMXConnectorFactory.newJMXConnector(Unknown Source)
at javax.management.remote.JMXConnectorFactory.connect(Unknown Source)
at oracle.eclipse.tools.weblogic.server.internal.WlsJMXHelper.createConnector(WlsJMXHelper.java:269)
at oracle.eclipse.tools.weblogic.server.internal.WlsJMXHelper.connectToJMX(WlsJMXHelper.java:76)
at oracle.eclipse.tools.weblogic.server.internal.WlsJMXHelper.getDomainAttribute(WlsJMXHelper.java:139)
at oracle.eclipse.tools.weblogic.server.internal.WlsJ2EEDeploymentHelper.validateRemote(WlsJ2EEDeploymentHelper.java:1687)
at oracle.eclipse.tools.weblogic.server.internal.WeblogicServerBehaviour.validateRemote(WeblogicServerBehaviour.java:2646)
at oracle.eclipse.tools.weblogic.server.internal.ServerWatcher.runOnce(ServerWatcher.java:574)
at oracle.eclipse.tools.weblogic.server.internal.ServerWatcher.run(ServerWatcher.java:482)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.naming.CommunicationException [Root exception is weblogic.rjvm.PeerGoneException: ; nested exception is:
weblogic.utils.NestedException: java.lang.AssertionError: Exception creating response stream]
at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:74)
at weblogic.jndi.internal.WLContextImpl.translateException(WLContextImpl.java:452)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:408)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:393)
at javax.naming.InitialContext.lookup(Unknown Source)
at weblogic.management.remote.common.ClientProviderBase.makeConnection(ClientProviderBase.java:170)
... 11 more
Caused by: weblogic.rjvm.PeerGoneException: ; nested exception is:
weblogic.utils.NestedException: java.lang.AssertionError: Exception creating response stream
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
at weblogic.jndi.internal.ServerNamingNode_1032_WLStub.lookup(Unknown Source)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:405)
... 14 more
Caused by: weblogic.utils.NestedException: java.lang.AssertionError: Exception creating response stream
at weblogic.rjvm.RJVMImpl.gotExceptionReceiving(RJVMImpl.java:957)
at weblogic.rjvm.ConnectionManager.gotExceptionReceiving(ConnectionManager.java:1030)
at weblogic.rjvm.MsgAbbrevJVMConnection.gotExceptionReceiving(MsgAbbrevJVMConnection.java:459)
at weblogic.rjvm.t3.MuxableSocketT3.hasException(MuxableSocketT3.java:327)
at weblogic.socket.SocketMuxer.deliverExceptionAndCleanup(SocketMuxer.java:784)
at weblogic.socket.SocketMuxer.deliverHasException(SocketMuxer.java:724)
at weblogic.socket.JavaSocketMuxer.processSockets(JavaSocketMuxer.java:359)
at weblogic.socket.SocketReaderRequest.run(SocketReaderRequest.java:29)
at weblogic.work.ExecuteRequestAdapter.execute(ExecuteRequestAdapter.java:21)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:145)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:117)
Caused by: java.lang.AssertionError: Exception creating response stream
at weblogic.rjvm.MsgAbbrevJVMConnection.readMsgAbbrevs(MsgAbbrevJVMConnection.java:238)
at weblogic.rjvm.MsgAbbrevInputStream.init(MsgAbbrevInputStream.java:173)
at weblogic.rjvm.MsgAbbrevJVMConnection.dispatch(MsgAbbrevJVMConnection.java:439)
at weblogic.rjvm.t3.MuxableSocketT3.dispatch(MuxableSocketT3.java:322)
at weblogic.socket.BaseAbstractMuxableSocket.dispatch(BaseAbstractMuxableSocket.java:298)
at weblogic.socket.SocketMuxer.readReadySocketOnce(SocketMuxer.java:915)
at weblogic.socket.SocketMuxer.readReadySocket(SocketMuxer.java:844)
at weblogic.socket.JavaSocketMuxer.processSockets(JavaSocketMuxer.java:335)
... 4 more
Caused by: java.lang.ClassNotFoundException: com.companyname.security.principal.CompanyNameWebLogicPrincipal
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClassInternal(Unknown Source)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Unknown Source)
at java.io.ObjectInputStream.resolveClass(Unknown Source)
at java.io.ObjectInputStream.readNonProxyDesc(Unknown Source)
at java.io.ObjectInputStream.readClassDesc(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at java.util.LinkedList.readObject(Unknown Source)
at sun.reflect.GeneratedMethodAccessor46.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at java.io.ObjectStreamClass.invokeReadObject(Unknown Source)
at java.io.ObjectInputStream.readSerialData(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.defaultReadFields(Unknown Source)
at java.io.ObjectInputStream.readSerialData(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.defaultReadFields(Unknown Source)
at java.io.ObjectInputStream.defaultReadObject(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.readObject(AuthenticatedSubject.java:406)
at sun.reflect.GeneratedMethodAccessor57.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at java.io.ObjectStreamClass.invokeReadObject(Unknown Source)
at java.io.ObjectInputStream.readSerialData(Unknown Source)
at java.io.ObjectInputStream.readOrdinaryObject(Unknown Source)
at java.io.ObjectInputStream.readObject0(Unknown Source)
at java.io.ObjectInputStream.readObject(Unknown Source)
at weblogic.rjvm.InboundMsgAbbrev.readObject(InboundMsgAbbrev.java:65)
at weblogic.rjvm.InboundMsgAbbrev.read(InboundMsgAbbrev.java:37)
at weblogic.rjvm.MsgAbbrevJVMConnection.readMsgAbbrevs(MsgAbbrevJVMConnection.java:227)
... 11 moreI am also facing the same issue.
i am running my web service program on tomcat. the server is weblogic 9.1. I am trying to invoke the EJBs running on the server from the tomcat.
i am getting similar exception. anyone got a solution for this ?
Caused by: weblogic.rjvm.PeerGoneException: ; nested exception is:weblogic.utils.NestedException: java.lang.AssertionError: Exception creating response stream at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
thanks
Kiranlal. -
How to get domain name in java code/custom security provider
Hi all,
I've developed a custom security provider and deployed it in WL_HOME/server/lib/mbeantypes folder. I also have multiple domain created and running in the same machine. now if a user logs in from a specific domain, say, t3://localhost:7005, how do I retrieve the domain name in my custom security provider?
I found the following code could do it, but this code needs to know the port number in advance
Hashtable env = new Hashtable();
env.put(Context.PROVIDER_URL,"t3://localhost:7101");
env.put(Context.INITIAL_CONTEXT_FACTORY,
"weblogic.jndi.WLInitialContextFactory");
env.put(Context.SECURITY_PRINCIPAL,"weblogic");
env.put(Context.SECURITY_CREDENTIALS,"weblogic1");
Context ctx = new InitialContext(env);
MBeanHome home = (MBeanHome)ctx.lookup(MBeanHome.ADMIN_JNDI_NAME);
String domainName = home.getDomainName();
System.out.println(domainName);
Any help is greatly appreciated...
Thanks,
Philip
Edited by: VivaCuba on Nov 14, 2010 9:43 AMCheck out methods in the following classes: LegacyDirectoryLocator and DirectoryLocator.
Jonathan
http://jonathanhult.com -
Unable to save changes in console for a custom security provider
I built a custom security provider and dropped it in the mbeantypes folder. This gets picked up by weblogic. I then try to modify the control flags and make it SUFFICIENT. I reboot the server but when i log back in the control flag is reset to OPTIONAL. It not saving the data to the xml file. We are running it on a UNIX box.
Hi,
I solved the problem by myself.
The log area was at 100%, that's why the configtool wasn't able to save my changes.
Now I changed the backup properties for the log files to AutoLog (in the Backup Wizard) and it works fine.
Best regards,
Christian -
Building an Admin Console Extension for a Custom Security Provider
I am looking for an example or a description how to build an Administration Console extension for a custom Authentication Provider.
Especially the creation page for the provider is interesting because I am not able to create and register the required Authentication Provider MBean.
The call “mbeanHome.getMBeanServer().createMBean(className,objectname)” always throws the following Exception “javax.management.ReflectionException: The MBean class could not be loaded by the default loader repository”
Even if I try the class “weblogic.security.providers.authentication.IPlanetAuthenticator”, that is part of the bea distribution, the same exception is thrown.
It seams that the Problem has something to do with class loaders?
When I use the standard admin console pages to create and configure my provider everything works fine.
The only example “kennedy0208.zip” I found in the net does not deal with the creation of the MBean.
It only customizes the edit pages for the provider and at that point the MBean has already been created by the standard admin pages.
Maybe the author discovered the same Problems and gave up!?
What makes me wondering is that I have to put my MBean Classes to my console extension war file to be able to import the packages in my jsp.
If I not put the classes to my war the compiler throws an exception because he can’t resolve the package.
Because I moved my provider implementation jar to the directory “WLHOME\server\lib\mbeantypes” as described in the bea documentation it should run without putting the classes to the war!?!
I am very surprised that the bea documentation does not provide any example about this topic.Found it. Cut and paste error. I still had one of their example class
names in my code. Oops. -
Unable to provide custom security impelmentation (BPELProcessValidator)
Hey Gurus,
I got a question regarding custom implementation of BPELProcessValidator class.
My project requires me to secure each Business Process hosted in Ora BPEL PM.
I have implemented my custom class MyValidator that extends BPELProcessValidator.
I would like to use this class as my security implementation. As per the documentation
I invoke the oc4j instance that hosts Oracle BPEL with a directive -Doracle.bpel.customvalidator=D:\OraBPELPM\security.properties
security.properties file contains the name of the Java class that provides the security implementation.
This does not work though. BPEL PM doesnt even try to load this class. Do let me know if I am missing
something.
Please refer to the presentation at http://www.oracle.com/technology/products/ias/bpel/pdf/bpelsecextenstionphase2.pdf
My BPEL build : 10.1.2.0.2 [build #2196 ] - type: release
I would appreciate any pointers/code/doc that would help me implement custom security provider for BPEL.
AbhijeetHi Clemens,
Thanks for quick reply. I got something going today. However I still have some issues. Now the BPEL engine is not able to find the class that I have implemented.
at java.lang.Thread.run(Thread.java:534)
<2006-02-28 12:31:53,296> <ERROR> <default.collaxa.cube.engine> <MessageHandle
anager::createHandler>
java.lang.ClassNotFoundException: BusinessProcess.MyValidator
at com.evermind.naming.ContextClassLoader.findClass(ContextClassLoader
ava:500)
I tried to set the class path to point to the directory that contains BusinessProcess.MyValidator class. Set up the system CLASSPATH / Put this class in OC4J Lib and alike but never got it in with the classloader.
Strange part is that through the same OC4J instace when i tried to invoke a method in this class through a JSP I got a response. This means the OC4J did have access to my class.
Will you please let me know where I should put my classes so that collaxa implementation can find it.
Also, may I know when the security tab in the BPEL domain manager will be available to external world.
Regards
Abhijeet -
Hi ,
I have the following error while i am stopping a Weblogic instance. Did anyone face a similar issue, please let me know. I see a classnotfound error , but not sure what is that jar file. Is it a application jar or a weblogic one?
Stopping Weblogic Server...
Initializing WebLogic Scripting Tool (WLST) ...
log4j: Trying to find [resources/comdev/default-log4j.properties] using context classloader java.net.URLClassLoader@183f74d.
log4j: Using URL [jar:file:/teamrule/10.2/modules/com.bea.cie.comdev_5.3.0.0.jar!/resources/comdev/default-log4j.properties] for automatic log4j configuration.
log4j: Reading configuration from URL jar:file:/teamrule/10.2/modules/com.bea.cie.comdev_5.3.0.0.jar!/resources/comdev/default-log4j.properties
log4j: Hierarchy threshold set to [ALL].
log4j: Parsing for [root] with value=[INFO, NA].
log4j: Level token is [INFO].
log4j: Category root set to INFO
log4j: Parsing appender named "NA".
log4j: Parsed "NA" options.
log4j: Finished configuring.
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Connecting to t3://localhost:7009 with userid weblogic ...
This Exception occurred at Sun Apr 10 14:17:03 UTC 2011.
javax.naming.CommunicationException [Root exception is java.rmi.UnmarshalException: failed to unmarshal class weblogic.security.acl.internal.AuthenticatedUser; nested excep
tion is:
java.lang.ClassNotFoundException: Failed to load class com.msl.security.providers.SessionPrincipal]
at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:74)
at weblogic.jndi.internal.ExceptionTranslator.toNamingException(ExceptionTranslator.java:32)
at weblogic.jndi.WLInitialContextFactoryDelegate.toNamingException(WLInitialContextFactoryDelegate.java:773)
at weblogic.jndi.WLInitialContextFactoryDelegate.pushSubject(WLInitialContextFactoryDelegate.java:673)
at weblogic.jndi.WLInitialContextFactoryDelegate.newContext(WLInitialContextFactoryDelegate.java:466)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:373)
... 48 more
Problem invoking WLST - Traceback (innermost last):
File "/web/10.2/user_projects/domains/dom/shutdown.py", line 1, in ?
File "<iostream>", line 22, in connect
WLSTException: 'Error occured while performing connect : Error getting the initial context. There is no server running at t3://localhost:7009 Use dumpStac
k() to view the full stacktrace'
Thanks a lot for your time.
ManishHi Manish,
It seems that you are using a custom security provider and the weblogic server is not able to find the class / jar file that contains the class.
java.lang.ClassNotFoundException: Failed to load class com.msl.security.providers.SessionPrincipal]
Make sure you have all the required jar files in the server classpath.
You can use the JarScan utility to find the jar that contains the class.
Refer the below link regarding the jarScan.
http://weblogic-wonders.com/weblogic/2011/01/26/finding-jar-files-using-jarscan/
Regards,
Anandraj
http://weblogic-wonders.com -
Error using 10.1.3 Security Provider:3rd party LDAP or Custom Login Module
Hello all,
After deploying my JSF/ADF application using Jdeveloper 10.1.3 to Oracle Application Server 10.1.3, I used the Application Server control to change the 'Security Provider' configuration:
1. Using 3rd Party LDAP Provider (Novell eDirectory)
I get the following error when restarting the application with the new config.
06/06/21 16:42:32 Error while configuring security provider MBean for application AccessList
06/06/21 16:42:32 java.lang.ClassNotFoundException: oracle/security/jazn/jmx/CustomLDAPSecurityProvider
2. Using Custom Login Module (again programmatically talks to eDirectory and it works in UIX/10.1.2 application)
I get the following error when restarting the application with the new config.
06/06/21 14:31:19 Error while configuring security provider MBean for application AccessList
06/06/21 14:31:19 java.lang.ClassNotFoundException: oracle/security/jazn/jmx/LoginModuleSecurityProviderAlso, I get this error with both the settings..
06/06/21 14:31:19 WARNING: Application.setConfig Application: AccessList is in failed state as initialization failedjava.lang.
InstantiationException
Jun 21, 2006 2:31:19 PM com.evermind.server.Application setConfig
WARNING: Application: AccessList is in failed state as initialization failedjava.lang.InstantiationException
06/06/21 14:31:19 java.lang.InstantiationException
06/06/21 14:31:19 at com.evermind.server.ApplicationStateRunning.initDataSources(ApplicationStateRunning.java:1424)
06/06/21 14:31:19 at com.evermind.server.ApplicationStateRunning.initializeApplication(ApplicationStateRunning.java:195)
java.lang.ClassNotFoundException error leads me to believe, I am just missing to include some libraries..
I have included "bc4j.security" in my web project and I am not sure if that is what is needed!
Will appreciate your help..
Thanks,
KarthikThe problem i had with my Custom login module was that JDeveloper includes the datasources listed in the connection tab.
When JDeveloper does that it writes the username and password in the jazn-data.xml. But with the Custom Login module the reference in de data-source declaration cannot find the password. that's why i got the InstantiationException at the initDataSources point.
In tools>preferences>deployment you can uncheck the option:
Bundle Default data-sources.xml During Deployment.
The problem with this is when i specify a datasource in the data-sources.xml i included myself, jdeveloper will also put de datasources under the Connections tab in the data-sources.xml.
Does anyone knows how to stop jdeveloper putting the datasources automatic in the file, or how to prevent jdeveloper storing the password in jazn-data.xml? -
Using Federated Security in BizTalk against custom Token Provider and Custom Token
Hi,
I as the topic states, I'm trying to get BizTalk to use a Custom Token Provider with custom tokens.
So I thought this would be rather painless using ws2007FederationHttpBinding but got stuck. The problem is that the service expect soap action and a special structure (se example):
Request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsc="common.namespace" xmlns:ws="securitytoken.namespace">
<soapenv:Header>
<wsc:AutHeader>
Containing Custom Auth header information tags, about 20 or so
</wsc:AutHeader>
</soapenv:Header>
<soapenv:Body>
<ws:SECSSecurityTokenCreate_V1_0InputArgs>
<ws:SecurityTokenCreateRequest>
<ws:securityToken><!-- signed SAML assertion --></ws:securityToken>
</ws:SecurityTokenCreateRequest>
</ws:SECSSecurityTokenCreate_V1_0InputArgs>
</soapenv:Body>
</soapenv:Envelope>
Response:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<SECSSecurityTokenCreate_V1_0OutputArgs xmlns:ns2="common.namespace" xmlns="tokenservice,namespace">
<SecurityTokenCreateResponse>
<securityToken> <!-- THE Custom TOKEN --> </securityToken>
</SecurityTokenCreateResponse>
<ResponseState>
<ns2:ErrorCode>0</ns2:ErrorCode>
<ns2:Severity>0</ns2:Severity>
<ns2:ComponentId>201</ns2:ComponentId>
<ns2:StrErrorCode xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
<ns2:Message>OK</ns2:Message>
<ns2:NativeError xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
<ns2:LogSequence xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true" />
</ResponseState>
</SECSSecurityTokenCreate_V1_0OutputArgs>
</soap:Body> </soap:Envelope>
Error Message in BizTalk, when I send message via ws2007FederationHTTPBinding to the SOAP service, as expected the soap structure dosent match the expected one from the server, most obvisly is the missing SOAP action and incorrect BODY element.
System.ServiceModel.ProtocolException: The content type text/html; charset=iso-8859-1 of the response message does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first 521 bytes of the response were: '<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Body>
<soap:Fault>
<soap:Code>
<soap:Value>Server</soap:Value>
</soap:Code>
<soap:Reason>
<!--1 or more repetitions:-->
<soap:Text xml:lang="en">Missing operation for soapAction [null] and body element [{http://docs.oasis-open.org/ws-sx/ws-trust/200512}RequestSecurityToken] with SOAP Version [SOAP 1.2]</soap:Text>
</soap:Reason>
</soap:Fault>
</soap:Body>
</soap:Envelope>'. ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
at System.Net.HttpWebRequest.GetResponse()
at System.Servi
My plan to solve this is to try using beahviors added to the "inner" wcf binding that will help reconstruct the message from the standard form that I has, but I'm a bit vorried that I start to solve this and later on I'll have to add custom handling
for token extraction and handling since the token should be placed in a custom header in the soap envelope with custom namespace =).
So my question is, could this be solved via sw2007FederationHttpBinding or is an orchestration and some custom code for signing the path forward?
Thanks in advance for any help or guidance!
/MattiasIt's a little tough to use sw2007FederationHttpBinding, I faced similar situation before. :(
-
Cannot Start Weblogic Server After adding Custom Authentication Provider
Hi,
I implemented a Custom authentication provider and configured it wih Weblogic 10.3 application server. Although I successfully added Authentication provider, I couldn't restart my server. I used MBeanMaker utility to package my Authentication provider and login module. Although the MBean Utility signalled some warnings and severe messages, it successfully packaged the files. When I look at the config.xml file after adding he authenticator it just adds three lines
( <sec:authentication-provider>
<sec:name>STOREDPROCEDURE</sec:name>
</sec:authentication-provider>
) Although there are some other attributes of the authenticator.
Please advice.
Here is some stack trace.
Best Regards,
Salim
com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.security.internal.legacy.service.SecurityProviderImpl.init(SecurityProviderImpl.java:47)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:363)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
####<Feb 3, 2009 12:22:42 AM EET> <Error> <Security> <localhost.localdomain> <DefaultServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1233613362036> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified..
weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(Unknown Source)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(Unknown Source)
at weblogic.security.service.SecurityServiceManager.initialize(Unknown Source)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
com.bea.common.engine.ServiceInitializationException: com.bea.common.engine.SecurityServiceRuntimeException: [Security:097533]SecurityProvider service class name for STOREDPROCEDURE is not specified.
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(Unknown Source)
at weblogic.security.service.CSSWLSDelegateImpl.initialize(Unknown Source)You need to make sure that you nuke the whole directory that you are specifying to the MBean marker generator. For example, I use the following command to generate the provider jar file.
java -Dfiles=$PRJROOT/ERModel/classes -DMDF=$PRJROOT/ERModel/classes/MyCustomAuthenticator.xml -DMJF=$PRJROOT/ERModel/custom-auth-provider.jar -DtargetNameSpace=http://xmlns.oracle.com/oracleas/schema/11/adf/sampleapp/weblogic/providers -DpreserveStubs=true -DcreateStubs=true weblogic.management.commo.WebLogicMBeanMaker1c
I need to nuke the directory in the -Dfile option i.e. 'rm -rf $PRJROOT/ERModel/classes/' each time I generate the jar file. If you don't, the jar file generates without any error but you will get a runtime exception. -
Custom Security Manager or Security Event Interception from WebLogic Console
Hello,
I have built my own Security Manager and implemented custom preference/property mechanism for every Principal, so when I use my Swing client to create new User and new Group, as well as addMember to a Group, I know what to do with those properies/preferences.
Now, I want to use WebLogic Console to manage users and groups. I want to intercept events in my Security Manager about new User or Group creation or changing their memberships as Principals in order to handle their Preference/properties stuff myself...
I wonder what should I "listen" in order to understand that someone has changed membership of Users or Groups or about creation of new User or Group?
I use Weblogic Server 6.0 sp2
sergeHi Daniel,
> a custom security manager for the standard CM Repository
And this dictates you indeed to use the old API, as the CMRepositoryManager itself is using the old API.
The standard AclSecurityManager is implemented by com.sapportals.wcm.repository.manager.generic.security.AclSecurityManager. If you check out Configuration - Content Management - Repository Managers - Security Manager, you will see "ACL Security Manager" (the one from above) and "ACL Security Manager (for new Manager-API)". This is implementing / using the new API, but needs also a RM using the new API.
> java.lang.NoSuchMethodException: MySecurityManager.<init>
This exception only complains about a missing constructor!? Have you implemented a default constructor?!
> If this is the case, where can I find the API for IUMPrincipal? It is not included in any provided API because of deprecation.
The methods of the old EP5 user management are more or less similar to the new UME, so using the old deprecated API should be more or less straight forward.
There are also transformer methods for example to transform a "new" user object to an old EP5 one, see https://forums.sdn.sap.com/thread.jspa?threadID=235656&tstart=0
Hope it helps
Detlev -
Custom authenticaion provider in WebLogic Administration Portal
Hi all,
I'm trying to integrate a custom authentication provider in WL Administration Portal. Our users (i.e. administrators) need to be able to easily define Visitor Entitlements.
The goal is to present administrators with a user interface just like the one presented to you when you go to Users, Groups & Roles -> Visitor Entitlements -> <Any Role> -> Add Groups to role
with the DefaultAuthenticator.
I already implemented these interfaces in my authentication provider:
weblogic.management.commo.StandardInterface weblogic.management.security.authentication.AuthenticatorMBean weblogic.management.security.authentication.GroupMemberListerMBean weblogic.management.security.authentication.UserReaderMBean weblogic.management.security.authentication.GroupRemoverMBean weblogic.management.security.authentication.MemberGroupListerMBean
However, the Portal Administration Console only allows Predicate Entry, but does not display a Hierarchy Tree.
Do I have to supply the classes doing the actual rendering myself, or do I just miss a required interface in my authentication provider?
Anyone who can help me with that?
I had this already posted in weblogic.developer.interest.portal, however that might have been the wrong place, so I'm cross-posting this item here.
Cheers,
ChristianHi All,
Found the reason for the exception. I was implementing the generated the CustomAuthenticatorImpl class (generated through WebLogic MBeanMaker utility) as the provider class by implementing the AuthenticationProvider interface. Keeping them separate solved the issue.
Able to create the jar without any issues and also no error or exception after restart.
Thanks. -
A third-party directory servers/security provider (LDAP)
Here is a scenario. If a security provider is a third-party directory servers that supports LDAP, is there a way to define roles in my schema table but LDAP be my authentication security provider? Sounds like a double security provider! (Looks like I had asked something similar long time ago)
Or does the LDAP server needs to be a real provider (authentication and authorization and handle roles as well and not leave anything for me except permissions) while I set up permissions in system-jazn-data.xml and define roles in web.xml that matches the roles in ldap?
Since the third party security provider throws in a login dialog, I may not have to use custom login module. But, I want to set up permissions. Hope I am making sense. Default realm jazn will now be replaced by something that says it is ldap. Is that assumption correct?
If I make sense, please point to a doc about the above scenario.
ThanksHi,
Here is a scenario. If a security provider is a third-party directory servers that supports LDAP, is there a way to define roles in my schema table but LDAP be my authentication security provider? Sounds like a double security provider! (Looks like I had asked something similar long time ago
You can use this scenario assuming you have a LoginModule that gets the authenticated user from LDAP and then queries the database for the security roles. This however doe not work with any of the LoginModules that are published on OTN or contained in OC4J
Frank -
Custom Authentication Provider and User Manage like SQLAuthenticator, How?
Hi everyone,
I faced a problem with login function of my portal (Webcenter Application). The Problem is:
- Allow the users logging in by user that store in another system. I must communicate using low level of socket. This really is not a problem.
- If user logged in, for first time of logging in, i must store them in some identity store (Maybe tables database).
- View Users in Weblogic Console. To do that, i known that i must implemeted something that i dont what that are.
Here are my work:
- I Created a Custom Authentication Provider. And configuration in Admin Console. But i don't know what are that i should implementing to View user & group in Admin Console.
- I Cannot logging in: After i created simple application for testing, i cannot logging in even i tested with SQLAuthenticator Provider and original DefaultProvider. In Logging Console, I saw every I Printed In The Code of Login Module.
Here are my Code:
<?xml version="1.0" ?>
<MBeanType Name = "OrkitVASPortal" DisplayName = "OrkitVASPortal"
Package = "orkit"
Extends = "weblogic.management.security.authentication.Authenticator"
PersistPolicy = "OnUpdate">
<MBeanAttribute
Name = "ProviderClassName"
Type = "java.lang.String"
Writeable = "false"
Default = ""orkit.OrkitVASPortalProviderImpl""
/>
<MBeanAttribute
Name = "Description"
Type = "java.lang.String"
Writeable = "false"
Default = ""WebLogic Simple Sample Audit Provider""
/>
<MBeanAttribute
Name = "Version"
Type = "java.lang.String"
Writeable = "false"
Default = ""1.0""
/>
<MBeanAttribute
Name = "LogFileName"
Type = "java.lang.String"
Default = ""SimpleSampleAuditor.log""
/>
</MBeanType>
package orkit;
import java.util.HashMap;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import weblogic.management.security.ProviderMBean;
import weblogic.security.provider.PrincipalValidatorImpl;
import weblogic.security.spi.*;
public final class OrkitVASPortalProviderImpl implements AuthenticationProviderV2 {
private String description;
private LoginModuleControlFlag controlFlag;
public OrkitVASPortalProviderImpl() {
System.out.println("The Orkit VASPortal Provider Implemented!!!!!");
@Override
public IdentityAsserterV2 getIdentityAsserter() {
return null;
// Our mapping of users to passwords/groups, instead of being in LDAP or in a
// database, is represented by a HashMap of MyUserDetails objects..
public class MyUserDetails {
String pw;
String group;
// We use this to represent the user's groups and passwords
public MyUserDetails(String pw, String group) {
this.pw = pw;
this.group = group;
public String getPassword() {
return pw;
public String getGroup() {
return group;
// This is our database
private HashMap userGroupMapping = null;
public void initialize(ProviderMBean mbean, SecurityServices services) {
System.out.println("The Orkit VASPortal Provider is intializing......");
OrkitVASPortalMBean myMBean = (OrkitVASPortalMBean) mbean;
description = myMBean.getDescription() + "\n" + myMBean.getVersion();
System.err.println("#In realm:" + myMBean.getRealm().wls_getDisplayName());
// We would typically use the realm name to find the database
// we want to use for authentication. Here, we just create one.
userGroupMapping = new HashMap();
userGroupMapping.put("a", new MyUserDetails("passworda", "g1"));
userGroupMapping.put("b", new MyUserDetails("passwordb", "g2"));
userGroupMapping.put("system", new MyUserDetails("12341234",
"Administrators"));
String flag = myMBean.getControlFlag();
if (flag.equalsIgnoreCase("REQUIRED")) {
controlFlag = LoginModuleControlFlag.REQUIRED;
} else if (flag.equalsIgnoreCase("OPTIONAL")) {
controlFlag = LoginModuleControlFlag.OPTIONAL;
} else if (flag.equalsIgnoreCase("REQUISITE")) {
controlFlag = LoginModuleControlFlag.REQUISITE;
} else if (flag.equalsIgnoreCase("SUFFICIENT")) {
controlFlag = LoginModuleControlFlag.SUFFICIENT;
} else {
throw new IllegalArgumentException("Invalid control flag " + flag);
public AppConfigurationEntry getLoginModuleConfiguration() {
HashMap options = new HashMap();
options.put("usermap", userGroupMapping);
System.out.println("UserMap: " + options);
return new AppConfigurationEntry(
"orkit.OrkitVASPortalLoginModule",
controlFlag, options);
public String getDescription() {
return description;
public PrincipalValidator getPrincipalValidator() {
return new PrincipalValidatorImpl();
public AppConfigurationEntry getAssertionModuleConfiguration() {
return null;
// public IdentityAsserter getIdentityAsserter() {
// return null;
public void shutdown() {
* To change this template, choose Tools | Templates
* and open the template in the editor.
package orkit;
import orkit.OrkitVASPortalProviderImpl;
import java.io.IOException;
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.spi.LoginModule;
import weblogic.security.principal.WLSGroupImpl;
import weblogic.security.principal.WLSUserImpl;
* This login module will be called by our Authentication Provider. It assumes
* that the option, usermap, will be passed which contains the map of users to
* passwords and groups.
public class OrkitVASPortalLoginModule implements LoginModule {
private Subject subject;
private CallbackHandler callbackHandler;
private HashMap userMap;
// Authentication status
private boolean loginSucceeded;
private boolean principalsInSubject;
private Vector principalsBeforeCommit = new Vector();
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) {
this.subject = subject;
this.callbackHandler = callbackHandler;
// Fetch user/password map that should be set by the authenticator
userMap = (HashMap) options.get("usermap");
* Called once after initialize to try and log the person in
public boolean login() throws LoginException {
// First thing we do is create an array of callbacks so that
// we can get the data from the user
Callback[] callbacks;
callbacks = new Callback[2];
callbacks[0] = new NameCallback("username: ");
callbacks[1] = new PasswordCallback("password: ", false);
try {
callbackHandler.handle(callbacks);
} catch (IOException eio) {
throw new LoginException(eio.toString());
} catch (UnsupportedCallbackException eu) {
throw new LoginException(eu.toString());
String username = ((NameCallback) callbacks[0]).getName();
System.out.println("Username: " + username);
char[] pw = ((PasswordCallback) callbacks[1]).getPassword();
String password = new String(pw);
System.out.println("PASSWORD: " + password);
if (username.length() > 0) {
if (!userMap.containsKey(username)) {
throw new FailedLoginException("Authentication Failed: Could not find user:" + username);
}else{
System.out.println("Contstainded Username");
String realPassword = ((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getPassword();
if (realPassword == null || !realPassword.equals(password)) {
throw new FailedLoginException("Authentication Failed: Password incorrect for user" + username);
}else{
System.out.println("Everyitng OKIE");
} else {
// No Username, so anonymous access is being attempted
loginSucceeded = true;
// We collect some principals that we would like to add to the user
// once this is committed.
// First, we add his username itself
principalsBeforeCommit.add(new WLSUserImpl(username));
// Now we add his group
principalsBeforeCommit.add(new WLSGroupImpl(((OrkitVASPortalProviderImpl.MyUserDetails) userMap.get(username)).getGroup()));
return loginSucceeded;
public boolean commit() throws LoginException {
if (loginSucceeded) {
subject.getPrincipals().removeAll(principalsBeforeCommit);
principalsInSubject = true;
return true;
} else {
return false;
public boolean abort() throws LoginException {
if (principalsInSubject) {
subject.getPrincipals().removeAll(principalsBeforeCommit);
principalsInSubject = false;
return true;
public boolean logout() throws LoginException {
return true;
}and OrkitVASPortalMBean & OrkitVASPortalImpl class created by MBeanMaker tool.
Can someome help.
Thanks in advance!Hi ,
SQLAuthenticator is not yet supported with UCM 11g due to some JPS Provider limitations .
Currently there is an Enhancement request for this .
Thanks
Srinath
Maybe you are looking for
-
Mini displayport it's compatible with thunderbolt?
Hey people, please help with this little problem
-
Order of Execution in WHERE clause
DB Version 10gR2 In a query like SELECT sal from emp where empid=7891 and empname='JOHN'; What does Oracle evaluate first in the WHERE clause, is it empid=7891 or empname='JOHN'? I couldn't find this in 10G R2 documentation, hence this thread.
-
SPNego - SETSPN with alias for two separate physical servers
Hi All We have a scenario where the client has a production server and a backup production server, and a single alias pointing to both (meaning - when the main production server fails, the requests are routed to the backup production server). We need
-
Problem in Passing internal table Function module
Hi experts, I am new to creating function module and needed certain suggestions. I have created a type inside the FM types: begin of T1 field A field B end of T1. Now, i have populated the internal table of this type but how to send it through the t
-
How do i get the date when enter a week number
Hi, can anyone tell me how do i get the date when enter a week number?? let say, i enter week number 4 and year 2008 result=26-01-2008 thanks..